You are currently offline, waiting for your internet to reconnect

HTTP Authentication: IIS Waits for Request Entity Body Before It Sends a "401 Authentication Required" Response

This article was previously published under Q328863
This article has been archived. It is offered "as is" and will no longer be updated.
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
When you use the HTTP POST verb to send data to a Web site that requires authentication, Internet Information Services (IIS) 5.0 returns the "401 authentication required" response only after all data has been sent. This may slow down middle-tier Web applications that must authenticate each request on behalf of the issuing front-end user.
This issue occurs if you use Windows NT LAN Manager (NTLM) authentication at the target server.
This problem is resolved in the hotfix that is described in the following Microsoft Knowledge Base article:
810814 FIX: Web Services Performance When You Use Authentication
You can also resolve this problem by installing the Microsoft .NET Framework version 1.1. To download the .NET Framework 1.1 redistributable file, visit the following Microsoft Web site:
To work around this issue, make sure that the client authenticates once and then uses keep-alive processing, which permits it to reuse the now-authenticated connection.
Microsoft has confirmed that this is a problem in the .NET Framework 1.0.

Article ID: 328863 - Last Review: 10/26/2013 13:30:00 - Revision: 5.0

  • kbnosurvey kbarchive kbhotfixserver kbqfe kbbug kbfix kbwin2000presp4fix KB328863